The first step in protecting your clients’ health data is to understand which parts of that data must be protected. The answer to that question lies in the Health Insurance Portability and Accountability Act (HIPAA).
HIPAA introduced an acronym, PHI, which stands for Protected Health Information. As the name suggests, this is what your website needs to protect. It covers health information that can be tied to an identifiable individual, including their name, social security number, address, birth date, and many other types of information. For a complete list of what’s included in PHI, check out this free online resource.
The penalties for failing to protect your clients’ PHI can be steep. Fines can range from $100 to $50,000 per violation and vary based on your company’s level of culpability. According to the HIPAA Journal, the average cost of a healthcare data breach is $429 per record. These costs can add up quickly, as companies tend to leak many records at a time when breaches do occur.
Protecting your clients’ PHI requires creating a website that’s been designed for that purpose. There are several key steps that your healthcare company should take to ensure it remains HIPAA compliant. Here’s a quick checklist you can use to identify how much your business is doing to protect its clients’ PHI:
Implementing the protocols and features necessary for protecting your clients’ PHI can be challenging. One way to make the burden easier on your company is to partner with a web development company that can handle the work for you. Onsharp would be happy to offer you a free consultation if your company would like some help with protecting the PHI it collects.